Reblaze Part of Link11
v5
v5v2.20.4v2.20.2v2.20v2.18v2.16v2.14v2.12v2 Release NotesMobile SDK v2.2.x
v5
v5v2.20.4v2.20.2v2.20v2.18v2.16v2.14v2.12v2 Release NotesMobile SDK v2.2.x
  • Reblaze Documentation
  • Release Notes
  • Known Issues
  • User Guide
    • Introduction to Reblaze
  • How Reblaze Works
    • Traffic Filtering Process
    • Traffic Reporting and Analytics
    • Policy Mapping and Traffic Routing
    • Tagging
    • UI Overview and Common Elements
  • Console UI Walkthrough
    • Analytics
      • Dashboard
      • Events Log
    • Security
      • Global Filters
      • Flow Control Policies
      • Security Policies
      • Rate Limit Rules
      • ACL Profiles
      • Actions
      • Dynamic Rules
      • Quarantined
      • Content Filter
        • Content Filter Profiles
        • Content Filter Rules
    • Sites
      • Server Groups
      • Proxy Templates
      • Mobile Application Groups
      • Backend Services
      • Edge Functions
      • DNS Records
      • SSL
        • Load Balancers
        • Certificates
    • System
      • Interactive Challenge
      • SSO Configuration
      • Purge CDN Cache
      • Users Management
      • Security Alerts
      • Log Exporters
      • Version Control
      • System DB
      • Publish Changes
    • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Ban, unban, and allowlist traffic sources
      • Bypass Reblaze for loadtesting or other purposes
      • Configure a new path/section of a site
      • Control caching behavior
      • Enable GraphQL traffic
      • Protect sensitive information in logs and analytics
      • Quickly block an attacker
      • Redirect or block HTTP traffic
      • Run custom code
      • Set rate limits and exemptions
      • Stream event data to a SIEM solution or other destination
    • The Reblaze API
      • Overview
      • Internal data structures
      • Using Swagger UI
      • Using curl
  • Reference Information
    • Acronyms
    • API
      • API access to traffic data
      • Types of namespaces
      • Namespace reference
        • ACL Profiles
        • Actions
        • Backend Services
        • Certificates
        • Configs
        • Content Filter Profiles
        • Content Filter Rules
        • Data queries
        • Dynamic Rules
        • Edge Functions
        • Flow Control Policies
        • Global Filters
        • Load Balancers
        • Log Exporters
        • Mobile Application Groups
        • Planets
        • Proxy Templates
        • Rate Limit Rules
        • Security Alerts
        • Security Policies
        • Server Groups
        • Tags
        • Tools
        • Users
    • Hostile Bot Detection / RCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Log Exporter Output
    • Pattern Matching Syntax
    • Query Filter Syntax and Best Practices
  • Support
Powered by GitBook
On this page
  • Overview
  • Administration
  • Generating a Certificate
  • Editing/Configuring a Certificate
  • Editable parameters and controls

Was this helpful?

Export as PDF
  1. Console UI Walkthrough
  2. Sites
  3. SSL

Certificates

Administration of SSL certificates

PreviousLoad BalancersNextSystem

Last updated 5 months ago

Was this helpful?

Overview

This section allows you to manage your SSL Certificates. Certificates can be attached to Load Balancers, or to domains via Server Groups.

A note on certificates and sites

If you are reading this Manual as part of an initial evaluation of Reblaze, and if you have large numbers of certificates to manage, you should know that Reblaze treats certificates differently than most other security solutions.

It's not unusual for some companies (especially SaaS platforms) to have dozens or even hundreds of certificates to manage. Most security solutions treat each SSL Certificate as a separate "site," and they charge their customers on a per-site basis. Thus, these solutions can be extremely expensive.

Contrary to this, Reblaze does not treat certificates as sites. A certificate is merely a certificate. For customers with tens or hundreds of certificates to manage, Reblaze's monthly pricing can be an order of magnitude less than its competitors'.

Administration

The list of currently defined Certificates is displayed in the main page, shown above. From here, new certificates can be generated, or existing ones can be edited.

Generating a Certificate

Selecting the + New button displays the Generate certificate dialog:

Certificates can be added manually, or Reblaze can parse a PFX file.

Editing/Configuring a Certificate

When an existing Certificate is edited, the Edit Certificate dialog appears:

Editable parameters and controls

Auto Replacement by Let's Encrypt

Let's Encrypt is a free certificate authority service. Reblaze integrates with it, and offers this service by default.

Once a day, Reblaze will check each application it protects. If that application's certificate is going to expire in the coming week, and its Auto Replacement by Let's Encrypt option for that certificate is enabled, Reblaze will generate a new certificate using Let's Encrypt, and will attach all of its sites to the new certificate.

Attach To Application

This tab includes a list of Server Groups. Selecting one will connect this Certificate to it.

Replace Existing Certificate

This tab includes a list of Certificates defined within the system. Selecting one and then clicking Save will result in all sites/applications being transferred from the selected Certificate over to the Certificate you're currently editing.

Download PFX

This will download the certificate information as a file in PFX format.